A quick look at ElasticSearch Marvel…

Recently our partner Elasticsearch released a new security product – Shield. What is Shield? Shield is the security product that plugs directly into Elasticsearch, easily adding enterprise-grade security to the ELK stack. Shield protects data with:

 

 Role-Based Access Control

 Authentication System Support

 Encrypted Communications

 Audit Logging

 IP Filtering

 

We’re excited about the release of  Shield because it really provides the ELK stack a more secure, scalable platform for businesses to extract insights out of mission-critical data in real time especially Big Data apps. Check out the FAQ we’ve compiled on Shield below:

 

Why did Elasticsearch launch a security product?

Elasticsearch could always be secured through proxies, firewalls and other external systems, but customers started to ask for a more tightly integrated security and administrative solution with advanced features. The 1.0 release of Shield is their first attempt at responding to this request, as well as lays the groundwork for future and frequent release cycles that will extend the functionality incrementally and rapidly over time.

 

Why is Shield a commercial product vs. open source?

Elasticsearch is extremely focused on developing and growing its open source projects, Elasticsearch, Logstash, and Kibana, as well as their respective communities. The commercial part of their business strategy focuses on adding capabilities on top of this open source core that we feel are more targeted towards a business/corporate implementation. They continue to build their commercial offerings as plugins on top of our public APIs, which allows them to keep the open source projects open source.

 

Will Elasticsearch be closed source next?

No. Developing the open source Elasticsearch, Logstash, and Kibana projects is thier top priority and accordingly, they devote the vast majority of our development effort to these projects.

 

How do I get Shield?

New customers will get a Shield license when they purchase a Platinum or Gold Elasticsearch subscription. Shield will be free to download, no registration required prior to getting started. Like Marvel, it will be installed as a plugin with a single command. The plugin contains a free 30-day license that beings once the plugin is installed.

 

Why isn’t Shield available outside of the Gold and Platinum subscription plans?

Elasticsearch is committed to providing Subscription plans that add significant value to customers — including Shield is a great way for Elasticsearch to deliver even more value. Development customers also get access to Shield at no additional cost.

 

How much do Gold and Platinum subscriptions cost?

Please contact us.

 

Do existing Gold or Platinum Elasticsearch customers have to pay more for Shield?

Existing Gold and Platinum customers benefit from Shield without any additional cost. To learn more about activating Shield, please contact us.

 

How do I configure Shield?

Full documentation is available on the Elasticsearch website.  For further integration assistance, a development subscription or consulting engagement from Shadow-Soft would be a good option.

 

Why is Shield better than alternatives (like a reverse-proxy, or the Jetty plugin?)

Shield integrates with Elasticsearch at a low level, providing a range of security capabilities inside the cluster itself. Many of the existing security workarounds, like setting up a reverse-proxy or the Jetty plugin have limited capabilities and/or are implemented external to the Elasticsearch cluster. By integrating security at a low-level, we can provide granular role-based access control based on our authentication, and protect all cluster communication – within the cluster and between thecluster and clients. None of the other partial solutions have the same breadth of feature coverage, and none are as tightly integrated.

 

What versions of Elasticsearch, Logstash, Kibana, Marvel, and es-hadoop are supported? Shield is compatible with:

 

 Elasticsearch: Use Elasticsearch 1.4

 Kibana: Use Kibana 3.1 or 3.1.1 or Kibana 4 Betas.

 Logstash: Logstash 1.5 Beta1 or higher has a plugin that enables support for Shield.

 Marvel: Marvel 1.3.

 Language clients: All language clients work with Shield.

 

For more background on the theory and process behind Shield, see the blog post from Shay Banon, the creator of Elasticsearch and founder of Elasticsearch.

 

Don’t see your question here? As an authorized Elasticsearch partner and integrator we can help.